Connecting the New World with the Old World via Commerce and Dialog

Tag: Spies

Espionage, in Hollywood terms, involves agents in tuxedos who brandish high tech surveillance gear and weaponry. For the Chinese Communist Party, however, espionage is conducted in plainer, but more nefarious ways.

On July 28, the Institute for Critical Infrastructure Technology, a nonprofit cybersecurity think tank., held an event in Washington D.C. to explain findings on Chinese espionage detailed in its recent report, “China’s Espionage Dynasty: Economic Death by a Thousand Cuts.” Joshua Philipp, who covers national security for Epoch Times, presented on the overt structure and operations of the Chinese regime’s systems for intelligence gathering and control in the United States and abroad.

Drawing on his earlier reporting and interviews, as well as other news reports and literature, Philipp showed how the Chinese regime exploits the open system of the United States to advance their espionage, which chiefly involves infiltrating overseas Chinese communities or underground groups, then bringing these organizations in line with an overarching “united front.”

Philips said that two key Communist Party organs, the United Front Department and the Overseas Chinese Affairs Office, facilitate the Chinese regime’s efforts to govern ethnic Chinese living abroad. “The Chinese Communist Party regards Chinese expats, Chinese immigrants in other countries, and even second and third generation Chinese as part of the Chinese system,” said Philipp.

Thus, Chinese students have been recruited as special agents, and Chinese newspapers that are partial to the regime receive financial support through advertisements from companies in mainland China, Philipp said, citing documents leaked to Epoch Times by Chinese defector and former diplomat Chen Yonglin.

The Chinese regime has also attempted to infiltrate the tongs—the Chinese community groups established by early immigrants to provide support their countrymen of the same clan or province. Today, these tongs have “extremely large memberships,” according to Philipp.

“If you want to expand the influence of the Chinese Communist Party in foreign countries, this is the easiest way to do it,” Philipp said. “You go to the people who already govern these communities, and give them incentive to act as pseudo communist officials overseas.”

Through the tongs, the Chinese regime then influences foreign politics. Philipp noted that two aides of former New York City Comptroller John Liu, who ran for mayor in 2008, were linked with powerful local tongs, and even Beijing.

This news analysis was originally dispatched as part of Epoch Times China email newsletters. Subscribe to the newsletters by filling your email in the “China D-brief” box under this article.
Chinese telecommunications company Huawei recently unveiled its new P9 smartphone, and as a recent Wired headline states, “Huawei just copied the iPhone—down to the last screw.”
Incidents like this aren’t anything new when it comes to Chinese tech companies. Epoch Times noted back in 2014 that Chinese company Xiaomi had built its entire brand around copying Apple, right down to its CEO dressing like Steve Jobs during product events.
The recent development does, however, highlight an important issue.
Just a few months ago, U.S. leaders were adamant about stopping the Chinese regime’s use of cyberattacks to steal information from U.S. companies. This led to the agreement, announced by President Barack Obama and Chinese leader Xi Jinping, on Sept. 25, 2015, to end the use of cyberattacks for economic theft.
Obama stated, at the time, “We’ve agreed that neither the U.S. or the Chinese government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.”
There is mixed reporting on how effective the agreement was. A “60 Minutes” segment on Jan. 17 noted that the day after the announcement, Chinese cyberattacks on U.S. businesses continued as usual. Cybersecurity company FireEye claimed the agreement did reduce the number of Chinese cyberattacks on U.S. companies, but its claims are also contested by other cyber researchers.
As I mentioned in an article around that time, however, the key problem with the cyber agreement is that it only addressed cyberattacks used for economic theft, and it only addressed economic theft conducted through cyber.
In other words, the agreement does nothing to stop cyberattacks used for intelligence gathering. This means the Chinese cyberattacks on the Office of Personnel Management, which stole 21.5 million records on current and former U.S. federal employees, falls outside the program.
And just as importantly, the agreement does nothing to stop Chinese economic theft using methods other than cyberespionage.
That last part is important. The part that’s often overlooked in China’s use of cyberattacks for economic theft, is that cyber is merely one of many tools the Chinese regime uses for theft of information, and all its tools are in turn just extensions of a system being directed by Chinese policy.
The Chinese regime still has a large focus on using conventional spies to steal information. Over the course of just three weeks in April, there were four cases of alleged Chinese spies targeting the United States.
Even this month, there has already been one case of an individual conducting what resembles espionage on behalf of the Chinese regime. A former U.S. Army contractor was sentenced to six months in home confinement for lying on his security clearance form by concealing that he formerly served in the Chinese People’s Liberation Army. The individual had also violated security protocols by connecting a USB drive to a computer on the Army network, then trying to cover his tracks.
MORE:Canada Says Huawei Employees May Be Spies, Rejects Immigration Applications
The fact is, the Chinese Communist Party has a vast system for stealing information from the United States and from U.S. businesses.
Its other methods include its use of vast networks of student spies, its use of academic research partnerships, its use of front organizations including Chinese hometown associations, its use of business partnerships around research, and its use of inviting foreign experts on key topics to visit China and either present or cooperate on research around their expertise.
Then, there are Chinese “grey markets,” where Chinese factories that manufacture foreign goods simply do additional production runs, so they can make and sell the products themselves.
Stopping the cyberattacks won’t stop the problem. Cyber certainly makes it easier for the Chinese regime to steal products and designs, but again, they have plenty of other tools at their disposal.
Think of cyber as just one head of a hydra. You can cut off the head, but two heads will grow back in its place. With the Chinese regime, if cyber is removed from the equation of economic theft, it will simply find other, more effective means.
Yet, just like the mythical hydra, the way to stop this system is to stop swinging at the appendages, and go straight for the heart—and for the Chinese regime, the heart of these programs are its internal policies and facilities for stealing and copying foreign technology.
MORE:Faced With Barrage of Chinese Spies, US Expands Rules for National Security Cases
Its policies for economic theft include Project 863, the Torch Program, the 973 Program, and the 211 Program. It also has a vast system of centers designed to reverse-engineer stolen technology, known as China’s National Technology Transfer Centers or National Demonstration Organizations.
With recent U.S. efforts to stop the Chinese regime’s use of economic theft, the question shouldn’t be whether the cyberattacks stopped. The questions should be whether the Chinese regime ended its policies that guide economic theft, and whether it closed its facilities dedicated to copying stolen technology. The answer so far to both of these questions is a simple “no.”

The Canadian consulate in Hong Kong allegedly rejected the immigration requests of two Huawei employees, citing “reasonable grounds” that they may be spies.
The reasons for the rejections were outlined in two letters, obtained by the South China Morning Post.
A letter from Canada’s Hong Kong consulate in March states the immigration application was rejected on ground the individual falls under section 34(1)(f) of the Immigration and Refugee Protection Act. The section refers to people employed by organizations involved in subversion, terrorism, or espionage.
The second rejection letter, sent in April, cited the same concerns over an individual’s spouse.
South China Morning Post did not release names of the alleged spies, but the piece is slanted in their defense. The Hong Kong-based news outlet has for years been growing closer to the Chinese regime, but came under more direct influence after its purchase by Alibaba CEO Jack Ma in December 2015.
The Canadian consulate in Hong Kong did not immediately respond to an email inquiring about the claims.
Huawei is a Chinese telecommunications company which has been accused of spying on behalf of the Chinese Communist Party. The U.S. House Intelligence Committee listed the company in 2012 as a national security threat, and it has since been accused of launching cyberattacks and placing backdoors in its products.
MORE:Faced With Barrage of Chinese Spies, US Expands Rules for National Security Cases
Australia blocked Huawei from bidding on its national broadband plan in 2012, and the United States also banned it from bidding on government contracts.
Despite the concerns, Huawei was able to find a market in Canada, according to Bloomberg in 2014, where it supplies 3G and 4G network equipment to two of the country’s largest cellular operators, Bell Canada and Telus.
Its relationship with Canada has been lined with caution, however. Vice obtained two memos in 2014 from Canada’s Department of Public Safety, stating concerns it could threaten the country’s telecommunications infrastructure and networks.

In his 1949 book, “1984,” George Orwell warned of a dystopian future where the authoritarian “Big Brother” regime monitors its citizens through television-like “telescreens,” and has created elaborate systems for social control.
Today, the Chinese Communist Party (CCP) has far surpassed the oppressive regime in Orwell’s vision, and here are six spy programs they’ve used to do it.
1) “Big Intelligence”
The Chinese regime is spying on every one of its citizens, including top leaders of the CCP. It does this through a program called “Big Intelligence,” which is operated by its Ministry of Public Security.
The program was revealed in 2014, and had already been running for close to 10 years. The former chief of the Chongqing Public Security Bureau told Sound of Hope Radio that using “Big Intelligence,” the CCP can review all 1.3 billion Chinese people in 12 minutes, every person on China’s wanted list in 4 minutes, and every driver’s license in China in 3.5 minutes.
“Big Intelligence” is a dragnet surveillance program that puts Orwell’s fictional “telescreens” to shame. It gathers information from surveillance cameras located everywhere from taxis, to street corners, to shops, and uses this information to track people down. Sound of Hope Radio noted the CCP had been installing hundreds of thousands of surveillance cameras in every city. In 2014, the system had more than 50,000 surveillance cameras in Chongqing alone.
Police in Beijing announced in October 2015 their network of surveillance cameras were manned by more than 4,300 officers who monitor “100 percent of the capital.” The systems are commonly used to track religious believers and political dissidents.
2) The “Social Credit System”
What’s an authoritarian regime, if it doesn’t persecute people for independent thought? In Orwell’s vision, citizens are persecuted for “thought crimes.” It’s the same way under the CCP, where even user agreements for most major tech companies forbid “thought” and “speech” if it challenges the CCP’s rule.
But the Chinese regime takes it a few steps further with its Social Credit System. This program gathers all available information on every Chinese citizen, then uses it to assign each person a rating. Since this rating can affect a person’s ability to get a job, take a loan, or buy a house, it functions as a tool that facilitates self-censorship.
Since the Social Credit System also can lower someone’s rating if they have a friend or family member with a low rating, it creates an environment where friends and family members are expected to enforce the CCP’s policies on each other.
Chris Chappell, host of China Uncensored, described the program in May 2015, as “kind of like Yelp, only, instead of customers going to a restaurant and giving it a score, it’s the Communist Party, giving a score, to every one of the 1.3 billion people living in China.”
3) Internet Police
If you’re living in an environment without free thought or free speech, you can still usually find solace on the Internet—which grants some level of anonymity. That’s not the case in China.
In an assessment on Internet freedom in 65 countries around the world conducted by independent watchdog organization Freedom House in 2015 China ranked dead last—lower than even Cuba and Syria.
Part of this low score can be attributed to the CCP’s agents who monitor online discussions, pull content offline, and report netizens to the proper authorities. And it also employs a massive network of an estimated 500,000 Internet trolls, known as the “50-cent army,” employed to promote and defend the CCP’s online propaganda globally.
Among the many Internet crimes that can get you arrested in China are “spreading rumors” that fall outside the CCP’s narrative on news stories, criticizing the Chinese regime, and promoting subversive concepts like “democracy.”
4) Car Spying
One of the big flaws with using surveillance cameras and the Internet to spy on citizens, is that as soon as they jump into a car, they’re much harder to track.
The CCP has found a way around this. In addition to police surveillance cameras installed in taxis, they’ve started requiring drives to carry electronic IDs that track the vehicles.
The first stage of the program is being tested in Shenzhen, where the CCP recently issued 200,000 of the ID cards to drivers of vehicles including commercial transport trucks and school buses. According to Reuters, if the program goes according to plan, the CCP will expand it for all private cars in the city.
Of course, the CCP has used similar systems in the past. In 2011, it was revealed that Chinese authorities were installing spy devices on all dual-plate Chinese-Hong Kong vehicles. The spy devices could listen to conversations and track the vehicles and were being hidden in “inspection and quarantine cards” from the Shenzhen Inspection and Quarantine Bureau.
5) Spying on Gadgets
It’s becoming more common for governments everywhere to spy on phone calls, but the CCP again has them beat with its elaborate spy systems either installed on devices with cyberattacks, or pre-installed at the factory level.
During the 2014 pro-democracy protests in Hong Kong, many of the protesters had their computers, cellphones, and tablets hacked in what researchers found were elaborate Chinese cyberattacks targeting democracy activists.
MORE:Investigative Report: A Hospital Built for MurderYou’re on File: Exclusive Inside Story on China’s Database of Americans
Michael Shaulov, CEO of Lacoon Mobile Security, helped uncover the cyberattacks aimed at smartphones, and he said the breach could give a government actor access to every part of the phones—including the camera, microphone, internal history, and GPS location. He said, “For the purpose of spying it’s probably the perfect tool.”
Chinese companies also have a long track record of selling phones and other devices with viruses and spy programs already installed on them, which relay user data back to China.
6) Pre-Crime
Even if you do manage to avoid “thought crimes” in China, you may still have to look over your shoulder. The Chinese regime is now looking for ways to detect “pre-crime.”
According to Bloomberg, the CCP directed one of its largest state-run defense contractors, China Electronics Technology Group, to build new software that collects information on people’s jobs, hobbies, buying habits, and other behavior.
The CCP’s

An insider in China has revealed to the Epoch Times that he helped build a database that is now being used to handle Americans’ personal information stolen in cyberattacks.
The FBI revealed on June 4, 2015, that a cyberattack, allegedly from China, stole personal information on close to 21.5 million U.S. federal employees after breaking into the computer files of the Office of Personnel Management (OPM). Subsequent Chinese cyberattacks have also targeted personal data on Americans, including the February 2015 breach of Anthem that stole close to 80 million records.
Speculation began soon after on how the Chinese regime could use the data. A July 2015 report from the Congressional Research Service states “experts in and out of government” suspect the Chinese regime may be building a database on federal employees it could use for espionage.
With a database like this, the Chinese regime can have a systematic roadmap of Americans and their connections, and information it can use to blackmail government employees, recruit insiders as spies, and monitor people who speak out against its policies.
FBI Director James Comey said in a Sept. 10, 2015, hearing on cybersecurity, “There is a significant counterintelligence threat that’s associated” with a nation–state getting hold of the data.
According to the insider, the Chinese Communist Party (CCP) has built the database needed to make use of the massive trove of stolen data. He said that to create the spy database, the CCP brought in a small group of independent software developers from the United States, who worked alongside Chinese security branches to implement the system.
The source requested to have his name withheld, in fear of reprisal from the CCP. Other sources confirmed this man’s identity, and said that he would have access to the kind of information he gave the Epoch Times. In the past, he has provided the Epoch Times with significant information about confidential matters in China that has proven accurate.
(Illustration by Jens Almroth/Epoch Times)
The new system is part of a broader shift in the Chinese regime’s efforts in espionage and social control. With the database, the CCP is now keeping tabs on foreigners in much the same way it has kept tabs on its own citizens, their connections, and their political thoughts.
Chinese spy agencies finished building the system around July 2013. In March 2014, Chinese hackers originally tried, and failed, to breach OPM.
The source said one of the leading organizations involved in the project was the 61 Research Institute, which is one of four known research institutes under the Third Department of the General Staff Department—the branch of the People’s Liberation Army in charge of its military hackers.
The Epoch Times exposed in a previous investigation that the 61 Research Institute is one of the leading organizations behind the CCP’s state-run cyberattacks.
The organization is led by Wang Jianxin, a son of Wang Zheng, who helped establish the CCP’s signals intelligence operations under Mao Zedong.
While the 61 Research Institute’s role in the project ties it to global cyberespionage, the source said many other Chinese domestic security branches were also involved in building the system—including various branches of the police and about six branches of the secret police.
The functions of the spy system, and the departments involved, suggest it will be used not only as a database on foreigners, but also as a system to better monitor Chinese people. The source noted that one of its functions will be to gather information on individuals from all available sources in China, and outside China, that can be used for criminal trials.
“Our intelligence sources corroborate this information,” said Casey Fleming, CEO of BLACKOPS Partners Corporation, which provides cybersecurity intelligence, strategy, and risk reduction to some of the largest companies in the world.
“Our ongoing intelligence gathering shows indication that this database has been in process at least over the last three years—commanded at the highest levels of the Chinese government,” he said in a phone interview.
Big Data Espionage
According to the source, the software used for the database was originally a big data analytics program for smart city measurements, and the CCP altered it for its own uses.

Chinese hackers stole personal information on approxiamtely 21.5 million Americans from the computer files of the U.S. government’s Office of Personnel Management. (Chinamil.com.cn)
What made the software attractive was its powerful functions for gathering information, and showing relationships between data. The source said it was also scalable—enough to hold credentials on every Chinese citizen, and to display everything from their personal data, to data on their family members, relations, and personal background.

The spy database displays data in nodes, which can be displayed by themselves, in relation to other data or events.
The system is capable of ingesting and sorting large amounts of data. The source noted the spy database is even better at this than some open source programs designed for the purpose.
A security service using the system could conduct deep data mining on personal files in the system, to show how individuals relate to one another, even over set timeframes.
The system can also be used to collect data on individuals. The source said it can gather information on people from Chinese security offices, from its own internal database, and from sources abroad, outside the Chinese firewall.
According to the source, getting personal data on foreigners—including Americans—is fairly easy. He said it’s often not necessary for the Chinese regime to use cyberattacks to steal sensitive information.
He said U.S. banks, for example, often hire many people from other countries, and many tech industries do the same. Many of these individuals can be given trusted positions within these companies, and he said it’s not uncommon for some of these individuals to take data out of the companies, and sell it.
It’s not difficult, he said, to create a fairly deep profile on a person using data stolen from just a handful of sources.
The Chinese spy system he helped build, he said, takes this information and organizes it in a form that departments of the Chinese regime can then use—whether it be for industrial espionage, or other purposes.
Fleming said that although the most visible Chinese cyberattacks feeding

The Chinese regime is accusing a Canadian, Kevin Garratt, of spying and stealing state secrets. According to Chinese state-run news outlet Xinhua, authorities announced on Jan. 28 that Garratt will stand trial in Dandong City in northeast China’s Liaoning Province.
It appears the Chinese regime is using the case to lessen international pressure about its own use of espionage.
When he and his wife, Julie Garratt—who was released on bail last year—were arrested in Dandong in August 2014, it was widely reported that the arrests were a tit-for-tat move related to espionage.
Just one week before Garratt and his wife were arrested, Canada Prime Minister Stephen Harper condemned the Chinese regime for supporting cyberspies who had hacked Canadian government computers and stolen information.
“Chinese authorities could be targeting them to send a message to Ottawa,” Vice News reported at the time, noting it was both the first time Canada had accused the Chinese regime of cyberespionage, and the first time the Chinese regime had accused a Canadian citizen of stealing state secrets.
Just a day prior to Garratt’s indictment on Jan. 27, a spy case involving a Chinese national made headlines in the United States, which may be related to the indictment’s timing.
Mo Hailong, pled guilty in an Iowa court to a long-term conspiracy to steal trade secrets from DuPont Pioneer and Monsanto.
The case of Mo Hailong is significant. While stories about Chinese espionage are common, it’s rare that a Chinese national pleads guilty in a U.S. court for stealing trade secrets.
Chinese authorities have a track record of using spy accusations as a political tool.
In September and October 2015, Chinese authorities arrested four Japanese nationals. Japan denied the accusations—noting that one of the men had merely taken photos of Chinese military aircraft and airfields.
There was broad speculation at the time that the Chinese regime made the arrests in retaliation, after Japan made allegations about Chinese spies operating in Tokyo.
There have been similar cases of a tit for tat response over military and business issues. In August 2014, the Chinese regime declared Australia a military threat to its national security, after Australia finalized a 25-year military pact with the United States.
MORE:CHINA SECURITY: The Inner Workings of Chinese Economic Espionage
After the FBI and U.S. Department of Justice charged five Chinese military officers for cyberespionage in May 2014, the Chinese regime also responded by lashing out at U.S. technology companies—including Microsoft and IBM—which it accused of spying.
In this latest case, it’s likely the Chinese regime is using Garratt to lessen the bad press about its use of espionage, by supporting its frequently used excuse when facing spy accusations that China is also a victim of espionage.
While Mo Hailong is facing at most five years in prison, however, Garratt is facing the death sentence.

Rumor has it the Chinese regime will move its cyberwarfare units under a single command structure. Unnamed sources told Bloomberg in mid-October that Chinese cyber units from all departments would be moved under a centralized command under the Central Military Commission.
Changes were allegedly discussed during the Chinese Communist Party’s (CCP) Fifth Plenum, attended by more than 350 top CCP officials, where they lay out the new five-year economic plan.
Bloomberg followed with some interesting analysis, but in my opinion, it missed the mark. First of all, the Chinese regime already has a command structure for its cyber departments, which on the surface—and under proposed changes—is headed by the Central Military Commission. Second, proposals for the new Chinese military structure give a much more complex picture of how its cyber units will be managed.
As things stand now, the CCP’s cyber units are broken into three tiers. The structure, which is already under the Central Military Commission, was detailed in the latest edition of The Science of Military Strategy, published by the top research institute of the People’s Liberation Army (PLA). While the document was released in 2013, details on the cyber structure were only reported in the West in March this year.
At the top of the cyber structure are the specialized PLA military units assigned to attack and defend networks. Next are the specialists in civilian organizations—including the the Ministry of State Security and the Ministry of Public Security—that are “authorized by the military to carry out network warfare operations.” The third tier are groups outside the regime, which presumably include nationalistic hackers (often known as “Patriot Hackers”), that can be called on for cyber operations when needed.
The Central Military Commission is technically in charge of these units, but when it comes to actual power within the PLA, things aren’t that simple.
According to the surface structure, the Central Military Commission heads the General Staff Department, which in turn heads the hacker units under its Third Department. In an investigative report in September, however, Epoch Times revealed that the real power behind the PLA hackers is the 61 Research Department of the Third Department.
The 61 Research Institute is led by Maj. Gen. Wang Jianxin, son of Wang Zheng who pioneered the CCP’s signals intelligence operations under Mao Zedong. Sources told Epoch Times that while Wang’s department is several tiers below the Central Military Commission, he’s an extremely powerful man.
This is where the new structure comes into play. It ties into plans to restructure the entire PLA, and cut 300,000 troops, announced by CCP leader Xi Jinping in early September.
Shortly after the announcement, South China Morning Post—which has been growing increasingly close to the Chinese regime—released an infographic showing a proposal for the new structure.
Under the current system, most of the military is controlled by the Central Military Commission, with some power shared with the State Council through its joint influence over the Ministry of National Defense.
With the new structure, however, a large chunk of military units would be placed under the Ministry of National Defense—which means the State Council would have more of a hand in their operations.
The State Council is technically the government of China, but it’s still controlled by the CCP.
Meanwhile, the unit in charge of the hackers—the General Staff Department—would be given command over three other departments: General Political Department, General Logistics Department, and the General Armaments Department.
In an odd knot, control of those same three departments will be shared under the Ministry of National Defense. And oddly, also under the Ministry of National Defense will be some departments with ties to cyberespionage. Among them are the regional defense and research departments, the National Defense University, the Academy of Military Science, and the National University of Defense Technology.
In other words, the military hackers would officially remain under the Central Military Commission, but departments tied to their operations would be jointly controlled by an office managed by both the Central Military Commission and the State Council.
Keep in mind, these are still just proposals. But it appears the changes aren’t meant to consolidate command of the CCP’s hackers. Instead, it looks like the changes are designed to reign in the hackers by giving the State Council some indirect sway over their actions. Several sources have told Epoch Times that the Chinese regime has trouble controlling finances tied to military hackers, and this has caused forms of corruption that the leadership wishes to stem.
The new system would give the State Council—the highest executive agency in the Chinese state (though of course below the Politburo Standing Committee)—more oversight. This puts the infrastructure for economic theft under the Ministry of Defense, while giving more government oversight over the activities, thus depriving the PLA of some of its autonomy.